Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Server, and Secure Web Gateway. NOTE: the vendor feels that this does not apply to endpoint-protection products because the virus would be detected upon extraction.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Sophos Intercept X Endpoint 输入验证错误漏洞
Vulnerability Description
Sophos Intercept X Endpoint是英国Sophos公司的一种端点保护。用于阻止最新的网络安全威胁。 多款Sophos产品中的AV解析引擎(2020-01-14之前版本)中存在输入验证错误漏洞。攻击者可借助特制的ZIP文件利用该漏洞绕过病毒检查。以下产品及版本受到影响:Endpoint Protection;Cloud Optix;Mobile;Intercept X Endpoint;Intercept X for Server;Secure Web Gateway。
CVSS Information
N/A
Vulnerability Type
N/A